php


OAuth2 curl reqeust returns 'The client credentials are invalid' for “grant_type = 'password'”


I am trying to get access token for user with credentials , that is registered in DB, with OAuth2.
In my oauth_clients I have a valid client with 'client_id=myclientid', 'client_secret=myclientsecret', 'grant_types=password'.
In my oauth_users table I have test user with 'username=Beno', 'password=aa888'.
I am sending data to 'http://myserver.com/token.php' like this
$ch = curl_init( 'http://myserver.com/token.php' );
curl_setopt( $ch, CURLOPT_HEADER, true);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch, CURLOPT_POST, true);
curl_setopt( $ch, CURLOPT_POSTFIELDS, array(
'client_id' => 'myclientid',
'client_secret' => 'myclientsecret',
'grant_type' => 'password',
'username' => 'Beno',
'password' => 'aa888',
'u_id' => 53
) );
$auth = curl_exec( $ch );
on token.php I have this
<?php
if( file_exists("system/includes/autoload.php") ):
require_once("system/includes/autoload.php");
else:
require_once("../system/includes/autoload.php");
endif;
require_once('oauth2-server-php/src/OAuth2/Autoloader.php');
$dsn = 'mysql:dbname='.DATABASENAME.';host='.DBSERVERADDRESS.'';
// error reporting (this is a demo, after all!)
ini_set('display_errors',1);error_reporting(E_ALL);
// Autoloading (composer is preferred, but for this example let's just do this)
OAuth2\Autoloader::register();
// $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => DBUSERNAME, 'password' => DBPASSWORD));
// Pass a storage object or array of storage objects to the OAuth2 server class
$server = new OAuth2\Server($storage);
// Add the "Client Credentials" grant type (it is the simplest of the grant types)
$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
// Add the "Authorization Code" grant type (this is where the oauth magic happens)
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
$server->addGrantType(new OAuth2\GrantType\RefreshToken($storage));
$username = IO::post('username');
$password = IO::post('password');
$user_id = IO::post('u_id');
if ( ! empty( $username ) && ! empty( $password ) & ! empty( $user_id ) ){
$users = array( $username => array('user_id'=> intval($user_id) ,'password' => $password));
$clients = array($client_id => array('client_secret' => $client_secret));
// create a storage object
$storage = new OAuth2\Storage\Memory(array('user_credentials' => $users, 'client_credentials' => $clients));
echo "<pre>";
var_dump($storage);
echo "</pre>";
// create the grant type
$grantType = new OAuth2\GrantType\UserCredentials($storage);
// add the grant type to your OAuth server
$server->addGrantType($grantType);
// Handle a request for an OAuth2.0 Access Token and send the response to the client
$response = new OAuth2\Response();
$re = $server->handleTokenRequest(OAuth2\Request::createFromGlobals(),$response)->send();
echo $re;
}else{
echo "no data";
}
All data is in DB as I have mentioned above. But when I get response it returns me 400 error
{"error":"invalid_client","error_description":"The client credentials are invalid"}
Does anybody know what am I doing wrong?
Check how your authorization server receives client credentials.
You are presenting client credentials as form-post parameters, but your authorization server may expect that client credentials be embedded in Authorization header (Basic Authentication). Read "RFC 6749, 2.3.1. Client Password" carefully. According to the specification, "The authorization server MUST support the HTTP Basic authentication scheme for authenticating clients that were issued a client password." Therefore, embedding client credentials in Authorization header must work for any correct authorization server implementation.

Related Links

error creating dynamic events and ykeys in morris line chart
How to display jQuery variables value in PHP on the same page?
Check a 2D associated array for a string, return the information (PHP)
single-{post-type}.php is not working in wordpress
Multiple post parts in same page
PHP Method Chaining without writing lots of return this
how do i reference a dynamically created list php
Laravel Request show what form the input was captured in
Json data getting read but not inserting into mysql using php
phpunit Mock returns null while original method returns string
How to search for affinity score for audience insight affinity?
Laravel queues in local and production
Doctrine criteria comparing object id to integer
Trouble running Laravel 5 Server. “Whoops, looks like something went wrong.” http://127.0.0.1:8000/
save image in public folder instead storage laravel 5
Need to check login fields from two tables [duplicate]

Categories

HOME
webview
events
powerbi
tomcat
dotnetnuke
barcode-scanner
couchdb
bots
autocomplete
jersey-2.0
mathematical-optimization
swift2
joomla3.2
graphql-js
log4j2
lc3
scrape
game-maker
google-awareness
squid
pywinauto
varnish-vcl
boomi
adminlte
weex
el
ava
exchange-server-2010
router
morris.js
hdmi
infopath2010
windowsiot
lxml
gsp
netstat
assertions
twilio-php
django-crispy-forms
eclipse-gmf
recovery
contactless-smartcard
ol3-google-maps
cordova-ios
openstack-glance
node-apn
winston
mobile-angular-ui
pecl
allegro
ternary-operator
portal
researchkit
rational-performance-test
bilinear-interpolation
clp
nsrunloop
visual-studio-monaco
callouts
mathml
coovachilli
adp
univocity
django-validation
flask-security
html.actionlink
auto-generate
android-audiomanager
phonegap-facebook-plugin
google-hangouts
cakephp-2.2
nesper
dmake
treeline
android-2.3-gingerbread
code-complexity
reference-counting
rails-api
xmi
flipboard
windows-taskbar
meteorite
san
mp4parser
codahale-metrics
unicoins
significant-digits
dojo-1.9
daap
towers-of-hanoi
idispatch
xcode4.5
gitx
instance-variables
popup-blocker
voice-recording
exponent
glx
expression-web
will-paginate
database-deadlocks
turbine
ccnet-config
tessellation
motif
watchpoint

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App